RSS   Podatności dla 'Libass'   RSS

2021-07-20
 
CVE-2020-36430

CWE-787
 

 
libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction.

 
2021-03-23
 
CVE-2020-24994

CWE-787
 

 
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.14.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.

 
2020-10-16
 
CVE-2020-26682

CWE-190
 

 
In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.

 
2017-03-03
 
CVE-2016-7972

CWE-399
 

 
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.

 
 
CVE-2016-7970

 

 
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.

 
 
CVE-2016-7969

CWE-125
 

 
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."

 


Copyright 2021, cxsecurity.com

 

Back to Top